Geeks With Blogs

News View Michael Stephenson's profile on BizTalk Blog Doc View Michael Stephenson's profile on LinkedIn
Michael Stephenson keeping your feet on premise while your heads in the cloud February 2007 Entries
Mapping with xsd:DateTime
Problem I was wanting to take a string and map it to a date, if the string was not a valid date then i wanted to return the min date value. i had this seemingly working okay but the problem was i was getting an error that the date was not a compatible xsd date. Solution Im sure there will be other ways of doing this, but i found a handle little class in the System.Runtime.Remoting.Met... namespace called SoapDateTime. Basically it has a handly static method of ToString which will take ......

Posted On Saturday, February 24, 2007 8:36 PM

Kerberos Adventures - WSE Adapter Publishing Wizard does not use KerberosToken2
Problem When i published my orchestration as a web service and called it i got the message "invalid security token". Upon investigation it is because the wizard produces a policy file which uses the KerberosToken rather than KerberosToken2. You can tell this be the namespace for the token: KerberosToken = KerberosToken2 = Work Around In my solution i need to use KerberosToken2, ......

Posted On Friday, February 23, 2007 9:55 PM

MsTest Error - Unit Test Adapter threw exception
Problem I was trying to run my tests through the visual studio IDE, i was getting the following error: Unit Test Adapter threw exception: System.Reflection.Reflectio... Unable to load one or more of the requested types. Retrieve the LoaderExceptions property for more information.. Symptoms The following symptoms existed: If i chose to debug the tests they all worked. They only failed when doing a normal run Some of my assemblies were signed Solution The solution is that in the code ......

Posted On Monday, February 12, 2007 10:45 AM

Kerberos Adventures - Lessons Learned
The security stuff is pretty much complete so here are some random thoughts after this experience which might be useful to anyone else. Article Description POC Overview Details about the different proof of concepts we did to validate all of the different scenarios we require. Useful Links Some links to articles and blogs which will provide useful background information Useful Tools Links to tools which were useful to help troubleshooting this implementation Problems - Error Consuming a service from ......

Posted On Friday, February 9, 2007 6:31 PM

Kerberos Adventures - Problem: Exposing an Orchestration from BizTalk with the WSE 2 Adapter and using Kerberos
Scenario I was trying to implement the requirement to use Kerberos to sign and encrypt the messages to and from a web service which was generated using the WSE 2 Web Service Publishing Wizard to expose a BizTalk Orchestration as a web service. Problem I had this all setup as I expected to work. The SPN and everything seemed correct but when I called it I kept getting the following error message: System.Web.Services.Protoco... Server unavailable, please try later ---> System.Security.SecurityExc... ......

Posted On Tuesday, February 6, 2007 10:15 PM

Kerberos Adventures - Problem: 401 Unauthorised - User equals null
Scenario We were trying to implement a delegation scenario similar to the one in the POC (Web Services using Delegation). While implementing this we came across the problem where we seemed to not be passing the clients credentials. We constantly got the IIS 401 Unauthorized return code. Symptoms In this example we got some of the following symptoms: In the IIS Log of the back end service there would be no credential specified. When calling the back end service locally on the machine where it sits ......

Posted On Tuesday, February 6, 2007 10:07 PM

Kerberos Adventures - Problem: Error consuming web service from Windows XP SP2 client
Scenario We have a windows XP Client which is calling a .net 2 Web Service which uses WSE 2.0 SP3 on a remote Windows 2003 Server. When we make the call we get the following error message: "System.ApplicationException: InitializeSecurityContext call failed with the following error message: A specified logon session does not exist. It may already have been terminated." We only get this message when calling our web service from a client running Windows XP Service Pack 2. Symptoms You will get the following ......

Posted On Tuesday, February 6, 2007 10:04 PM

Kerberos Adventures - Overview
This post will provide an overview of the planned proof of concepts we have been working on to try and get this right. In this series of posts I intend to provide a step by step guide for setting up each of these scenarios. Or if there is a sufficient walk through already available I will point you to that. The proof of concepts I intend to cover are: Web Services secured with Kerberos This proof of concept aims to show we can create web services which can be secured with a Kerberos token. Web Services ......

Posted On Monday, February 5, 2007 9:38 PM

Kerberos Adventures - Useful Tools
The following tools proved useful in diagnosing problems with this Tool Description Link KerbTray Windows 2003 Support Tools Contains the tool SETSPN which you need to register an SPN. Located on windows 2003 disk or at the following url: WSE Trace Tool Provides a tool to look over the WSE Trace output files ......

Posted On Friday, February 2, 2007 12:46 PM

Kerberos Adventures - Useful Information Links
This post will list some of the sources of information I have found useful during my "Kerberos Adventures" Recommended Reading To help you get up to speed quickly I would recommend checking out the following resources. There are additional resources below. Kerberos Delegation Troubleshooting Guide Pretty much walks you through all of setting up a delegation scenario and will tell you how to do each step and what is going on in relation to a good sample. ......

Posted On Friday, February 2, 2007 12:40 PM

Kerberos Adventures - Introduction
I am currently on a medium - large sized project where one of the things we are planning to do is use BizTalk and Web Services. Within the architecture we have plans to support credential flow across tiers. It has proven quite difficult to get this working and then doing things with BizTalk has added an additional twist which also proved tricky. During the course of working on resolving our issues and also setting up these proof of concepts I have found that there is useful information out there ......

Posted On Friday, February 2, 2007 12:38 PM

Copyright © Michael Stephenson | Powered by: